14c052c7e4efa9df46aff3c8b759c16d_JaffaCakes118 | Triage

Sharing

General

Target

14c052c7e4efa9df46aff3c8b759c16d_JaffaCakes118
Size

176KB
MD5

14c052c7e4efa9df46aff3c8b759c16d
SHA1

17173e660a11b9d8944e68e5770ec65d92f72a3c
SHA256

0d665e8dc7db118b04260c5ef2c6e85d3f23cdce03858d6c7b05b4b3e8efc720
SHA512

0863ad45a363f71b6281d4e67d14fe33c9355c650cf3de1a16a9502772e43ac1a627005a7c85efda9b3f6dd2565dfcac3a8000e630a5e15f6e64b7ab7f069de9
SSDEEP

3072:L1Su0AlSgH9NHwT03aqptRI1GIbI0WQc9y8i08ZdNYuDa9ZENROH6BhL2E:Lj0URj04aqLRI1G2c9yFFtBHNROO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c052c7e4efa9df46aff3c8b759c16d_JaffaCakes118

Files

14c052c7e4efa9df46aff3c8b759c16d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffbf434a21a8329bf4b7c2269c83b6c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

rpcrt4

NdrFixedArrayFree
UuidCreate

kernel32

VirtualAllocEx
RaiseException
LocalAlloc
WideCharToMultiByte
EnumResourceNamesA
CreateProcessA
MultiByteToWideChar
lstrlenA
GetSystemTimeAsFileTime
OpenSemaphoreW
InterlockedExchange

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ